suricata
Macros | Functions | Variables
detect-engine-register.c File Reference
#include "detect-smb-ntlmssp.h"
#include "suricata-common.h"
#include "suricata.h"
#include "detect.h"
#include "flow.h"
#include "flow-private.h"
#include "flow-bit.h"
#include "detect-parse.h"
#include "detect-engine.h"
#include "detect-engine-profile.h"
#include "detect-engine-alert.h"
#include "detect-engine-siggroup.h"
#include "detect-engine-address.h"
#include "detect-engine-proto.h"
#include "detect-engine-port.h"
#include "detect-engine-mpm.h"
#include "detect-engine-iponly.h"
#include "detect-engine-threshold.h"
#include "detect-engine-prefilter.h"
#include "rust.h"
#include "detect-engine-payload.h"
#include "detect-engine-dcepayload.h"
#include "detect-dns-opcode.h"
#include "detect-dns-rcode.h"
#include "detect-dns-rrtype.h"
#include "detect-dns-query.h"
#include "detect-dns-name.h"
#include "detect-dns-response.h"
#include "detect-tls-sni.h"
#include "detect-tls-certs.h"
#include "detect-tls-cert-fingerprint.h"
#include "detect-tls-cert-issuer.h"
#include "detect-tls-cert-subject.h"
#include "detect-tls-cert-serial.h"
#include "detect-tls-alpn.h"
#include "detect-tls-subjectaltname.h"
#include "detect-tls-random.h"
#include "detect-tls-ja3-hash.h"
#include "detect-tls-ja3-string.h"
#include "detect-tls-ja3s-hash.h"
#include "detect-tls-ja3s-string.h"
#include "detect-engine-state.h"
#include "detect-engine-analyzer.h"
#include "detect-http-cookie.h"
#include "detect-http-method.h"
#include "detect-http-ua.h"
#include "detect-http-host.h"
#include "detect-mark.h"
#include "detect-nfs-procedure.h"
#include "detect-nfs-version.h"
#include "detect-engine-event.h"
#include "decode.h"
#include "detect-config.h"
#include "detect-smb-share.h"
#include "detect-smb-version.h"
#include "detect-smtp.h"
#include "detect-base64-decode.h"
#include "detect-base64-data.h"
#include "detect-ipaddr.h"
#include "detect-ipopts.h"
#include "detect-tcp-flags.h"
#include "detect-fragbits.h"
#include "detect-fragoffset.h"
#include "detect-gid.h"
#include "detect-tcp-ack.h"
#include "detect-tcp-seq.h"
#include "detect-content.h"
#include "detect-uricontent.h"
#include "detect-pcre.h"
#include "detect-depth.h"
#include "detect-nocase.h"
#include "detect-rawbytes.h"
#include "detect-bytetest.h"
#include "detect-bytemath.h"
#include "detect-bytejump.h"
#include "detect-sameip.h"
#include "detect-l3proto.h"
#include "detect-ipproto.h"
#include "detect-within.h"
#include "detect-distance.h"
#include "detect-offset.h"
#include "detect-sid.h"
#include "detect-prefilter.h"
#include "detect-priority.h"
#include "detect-classtype.h"
#include "detect-reference.h"
#include "detect-tag.h"
#include "detect-threshold.h"
#include "detect-metadata.h"
#include "detect-msg.h"
#include "detect-rev.h"
#include "detect-flow.h"
#include "detect-flow-age.h"
#include "detect-flow-pkts.h"
#include "detect-requires.h"
#include "detect-tcp-window.h"
#include "detect-ftpbounce.h"
#include "detect-isdataat.h"
#include "detect-id.h"
#include "detect-rpc.h"
#include "detect-asn1.h"
#include "detect-filename.h"
#include "detect-filestore.h"
#include "detect-filemagic.h"
#include "detect-filemd5.h"
#include "detect-filesha1.h"
#include "detect-filesha256.h"
#include "detect-filesize.h"
#include "detect-dataset.h"
#include "detect-datarep.h"
#include "detect-dsize.h"
#include "detect-flowvar.h"
#include "detect-flowint.h"
#include "detect-pktvar.h"
#include "detect-noalert.h"
#include "detect-flowbits.h"
#include "detect-hostbits.h"
#include "detect-xbits.h"
#include "detect-csum.h"
#include "detect-stream_size.h"
#include "detect-engine-sigorder.h"
#include "detect-ttl.h"
#include "detect-fast-pattern.h"
#include "detect-itype.h"
#include "detect-icode.h"
#include "detect-icmp-id.h"
#include "detect-icmp-seq.h"
#include "detect-icmpv4hdr.h"
#include "detect-dce-iface.h"
#include "detect-dce-opnum.h"
#include "detect-dce-stub-data.h"
#include "detect-urilen.h"
#include "detect-bsize.h"
#include "detect-detection-filter.h"
#include "detect-http-client-body.h"
#include "detect-http-server-body.h"
#include "detect-http-header.h"
#include "detect-http-header-names.h"
#include "detect-http-headers.h"
#include "detect-http-raw-header.h"
#include "detect-http-uri.h"
#include "detect-http-protocol.h"
#include "detect-http-start.h"
#include "detect-http-stat-msg.h"
#include "detect-http-request-line.h"
#include "detect-http-response-line.h"
#include "detect-http2.h"
#include "detect-byte-extract.h"
#include "detect-file-data.h"
#include "detect-pkt-data.h"
#include "detect-replace.h"
#include "detect-tos.h"
#include "detect-app-layer-event.h"
#include "detect-app-layer-state.h"
#include "detect-lua.h"
#include "detect-iprep.h"
#include "detect-geoip.h"
#include "detect-app-layer-protocol.h"
#include "detect-template.h"
#include "detect-template2.h"
#include "detect-tcphdr.h"
#include "detect-tcpmss.h"
#include "detect-udphdr.h"
#include "detect-icmpv6hdr.h"
#include "detect-icmpv6-mtu.h"
#include "detect-ipv4hdr.h"
#include "detect-ipv6hdr.h"
#include "detect-krb5-cname.h"
#include "detect-krb5-errcode.h"
#include "detect-krb5-msgtype.h"
#include "detect-krb5-sname.h"
#include "detect-krb5-ticket-encryption.h"
#include "detect-sip-method.h"
#include "detect-sip-uri.h"
#include "detect-target.h"
#include "detect-quic-sni.h"
#include "detect-quic-ua.h"
#include "detect-quic-version.h"
#include "detect-quic-cyu-hash.h"
#include "detect-quic-cyu-string.h"
#include "detect-ja4-hash.h"
#include "detect-ftp-command.h"
#include "detect-entropy.h"
#include "detect-ftp-command-data.h"
#include "detect-ftp-reply.h"
#include "detect-bypass.h"
#include "detect-ftpdata.h"
#include "detect-engine-content-inspection.h"
#include "detect-transform-pcrexform.h"
#include "detect-transform-base64.h"
#include "util-rule-vars.h"
#include "app-layer.h"
#include "app-layer-protos.h"
#include "app-layer-htp.h"
#include "app-layer-smtp.h"
#include "detect-frame.h"
#include "detect-tls.h"
#include "detect-tls-cert-validity.h"
#include "detect-tls-version.h"
#include "detect-ssh-proto.h"
#include "detect-ssh-proto-version.h"
#include "detect-ssh-software.h"
#include "detect-ssh-software-version.h"
#include "detect-ssh-hassh.h"
#include "detect-ssh-hassh-server.h"
#include "detect-ssh-hassh-string.h"
#include "detect-ssh-hassh-server-string.h"
#include "detect-http-stat-code.h"
#include "detect-ssl-version.h"
#include "detect-ssl-state.h"
#include "detect-modbus.h"
#include "detect-dnp3.h"
#include "detect-ike-exch-type.h"
#include "detect-ike-spi.h"
#include "detect-ike-vendor.h"
#include "detect-ike-chosen-sa.h"
#include "detect-ike-key-exchange-payload-length.h"
#include "detect-ike-nonce-payload-length.h"
#include "detect-ike-nonce-payload.h"
#include "detect-ike-key-exchange-payload.h"
#include "detect-vlan.h"
#include "detect-email.h"
#include "action-globals.h"
#include "tm-threads.h"
#include "pkt-var.h"
#include "conf.h"
#include "conf-yaml-loader.h"
#include "stream-tcp.h"
#include "stream-tcp-inline.h"
#include "util-lua.h"
#include "util-var-name.h"
#include "util-classification-config.h"
#include "util-threshold-config.h"
#include "util-print.h"
#include "util-unittest.h"
#include "util-unittest-helper.h"
#include "util-debug.h"
#include "util-hashlist.h"
#include "util-privs.h"
#include "util-profiling.h"
#include "util-validate.h"
#include "util-optimize.h"
#include "util-path.h"
#include "util-mpm-ac.h"
#include "runmodes.h"

Go to the source code of this file.

Macros

#define ARRAY_CAP_STEP   16
 

Functions

bool SigTableHasKeyword (const char *keyword)
 Check if a keyword exists. More...
 
int SigTableList (const char *keyword)
 
void SigTableCleanup (void)
 
int SCSigTablePreRegister (void(*KeywordsRegister)(void))
 
void SigTableInit (void)
 
void SigTableSetup (void)
 
void SigTableRegisterTests (void)
 

Variables

int DETECT_TBLSIZE = 0
 
int DETECT_TBLSIZE_IDX = DETECT_TBLSIZE_STATIC
 

Detailed Description

Author
Victor Julien victo.nosp@m.r@in.nosp@m.linia.nosp@m.c.ne.nosp@m.t

Definition in file detect-engine-register.c.

Macro Definition Documentation

◆ ARRAY_CAP_STEP

#define ARRAY_CAP_STEP   16

Definition at line 479 of file detect-engine-register.c.

Function Documentation

◆ SCSigTablePreRegister()

int SCSigTablePreRegister ( void(*)(void)  KeywordsRegister)

Definition at line 487 of file detect-engine-register.c.

◆ SigTableCleanup()

void SigTableCleanup ( void  )

Definition at line 469 of file detect-engine-register.c.

References DETECT_TBLSIZE, SCFree, and sigmatch_table.

Referenced by GlobalsDestroy().

Here is the caller graph for this function:

◆ SigTableHasKeyword()

bool SigTableHasKeyword ( const char *  keyword)

Check if a keyword exists.

Definition at line 365 of file detect-engine-register.c.

References DETECT_TBLSIZE, flags, SigTableElmt_::name, name, SIGMATCH_NOT_BUILT, and sigmatch_table.

◆ SigTableInit()

void SigTableInit ( void  )

Definition at line 503 of file detect-engine-register.c.

References DETECT_TBLSIZE, DETECT_TBLSIZE_STATIC, DETECT_TBLSIZE_STEP, FatalError, SCCalloc, and sigmatch_table.

Referenced by ListKeywords(), LLVMFuzzerTestOneInput(), PostConfLoadedSetup(), and RunUnittests().

Here is the caller graph for this function:

◆ SigTableList()

int SigTableList ( const char *  keyword)

Definition at line 386 of file detect-engine-register.c.

References DETECT_TBLSIZE, flags, SigTableElmt_::name, name, SIGMATCH_NOT_BUILT, and sigmatch_table.

Referenced by ListKeywords().

Here is the caller graph for this function:

◆ SigTableRegisterTests()

void SigTableRegisterTests ( void  )

Definition at line 776 of file detect-engine-register.c.

References coverage_unittests, DETECT_TBLSIZE, g_ut_covered, g_ut_modules, name, SigTableElmt_::RegisterTests, SCLogDebug, SCLogWarning, and sigmatch_table.

◆ SigTableSetup()

void SigTableSetup ( void  )

Definition at line 515 of file detect-engine-register.c.

References DetectAckRegister(), DetectAppLayerEventRegister(), DetectAppLayerProtocolRegister(), DetectAppLayerStateRegister(), DetectAsn1Register(), DetectBase64DataRegister(), DetectBase64DecodeRegister(), DetectBsizeRegister(), DetectBypassRegister(), DetectByteExtractRegister(), DetectBytejumpRegister(), DetectBytemathRegister(), DetectBytetestRegister(), DetectClasstypeRegister(), DetectConfigRegister(), DetectContentRegister(), DetectCsumRegister(), DetectDatarepRegister(), DetectDatasetRegister(), DetectDceIfaceRegister(), DetectDceOpnumRegister(), DetectDceStubDataRegister(), DetectDepthRegister(), DetectDetectionFilterRegister(), DetectDistanceRegister(), DetectDNP3Register(), DetectDnsNameRegister(), DetectDnsOpcodeRegister(), DetectDnsQueryRegister(), DetectDnsRcodeRegister(), DetectDnsResponseRegister(), DetectDnsRrtypeRegister(), DetectDsizeRegister(), DetectEngineEventRegister(), DetectEntropyRegister(), DetectFastPatternRegister(), DetectFiledataRegister(), DetectFilemagicRegister(), DetectFileMd5Register(), DetectFilenameRegister(), DetectFileSha1Register(), DetectFileSha256Register(), DetectFilesizeRegister(), DetectFilestoreRegister(), DetectFlagsRegister(), DetectFlowAgeRegister(), DetectFlowbitsRegister(), DetectFlowBytesRegister(), DetectFlowBytesToClientRegister(), DetectFlowBytesToServerRegister(), DetectFlowintRegister(), DetectFlowPktsRegister(), DetectFlowPktsToClientRegister(), DetectFlowPktsToServerRegister(), DetectFlowRegister(), DetectFlowvarRegister(), DetectFragBitsRegister(), DetectFragOffsetRegister(), DetectFrameRegister(), DetectFtpbounceRegister(), DetectFtpCommandDataRegister(), DetectFtpCommandRegister(), DetectFtpdataRegister(), DetectFtpReplyRegister(), DetectGeoipRegister(), DetectGidRegister(), DetectHostbitsRegister(), DetectHttp2Register(), DetectHttpClientBodyRegister(), DetectHttpCookieRegister(), DetectHttpHeaderNamesRegister(), DetectHttpHeaderRegister(), DetectHttpHeadersRegister(), DetectHttpHHRegister(), DetectHttpMethodRegister(), DetectHttpProtocolRegister(), DetectHttpRawHeaderRegister(), DetectHttpRequestHeaderRegister(), DetectHttpRequestLineRegister(), DetectHttpResponseHeaderRegister(), DetectHttpResponseLineRegister(), DetectHttpServerBodyRegister(), DetectHttpStartRegister(), DetectHttpStatCodeRegister(), DetectHttpStatMsgRegister(), DetectHttpUARegister(), DetectHttpUriRegister(), DetectIcmpIdRegister(), DetectIcmpSeqRegister(), DetectIcmpv4HdrRegister(), DetectICMPv6hdrRegister(), DetectICMPv6mtuRegister(), DetectICodeRegister(), DetectIdRegister(), DetectIkeChosenSaRegister(), DetectIkeExchTypeRegister(), DetectIkeKeyExchangePayloadLengthRegister(), DetectIkeKeyExchangeRegister(), DetectIkeNoncePayloadLengthRegister(), DetectIkeNonceRegister(), DetectIkeSpiRegister(), DetectIkeVendorRegister(), DetectIPAddrBufferRegister(), DetectIpOptsRegister(), DetectIPProtoRegister(), DetectIPRepRegister(), DetectIpv4hdrRegister(), DetectIpv6hdrRegister(), DetectIsdataatRegister(), DetectITypeRegister(), DetectJa4HashRegister(), DetectKrb5CNameRegister(), DetectKrb5ErrCodeRegister(), DetectKrb5MsgTypeRegister(), DetectKrb5SNameRegister(), DetectKrb5TicketEncryptionRegister(), DetectL3ProtoRegister(), DetectLuaRegister(), DetectMarkRegister(), DetectMetadataRegister(), DetectModbusRegister(), DetectMsgRegister(), DetectNfsProcedureRegister(), DetectNfsVersionRegister(), DetectNoalertRegister(), DetectNocaseRegister(), DetectOffsetRegister(), DetectPcreRegister(), DetectPktDataRegister(), DetectPktvarRegister(), DetectPrefilterRegister(), DetectPriorityRegister(), DetectQuicCyuHashRegister(), DetectQuicCyuStringRegister(), DetectQuicSniRegister(), DetectQuicUaRegister(), DetectQuicVersionRegister(), DetectRawbytesRegister(), DetectReferenceRegister(), DetectRegisterAppLayerHookLists(), DetectReplaceRegister(), DetectRequiresRegister(), DetectRevRegister(), DetectRpcRegister(), DetectSameipRegister(), DetectSeqRegister(), DetectSidRegister(), DetectSipMethodRegister(), DetectSipUriRegister(), DetectSmbNamedPipeRegister(), DetectSmbNtlmsspDomainRegister(), DetectSmbNtlmsspUserRegister(), DetectSmbShareRegister(), DetectSmbVersionRegister(), DetectSshHasshRegister(), DetectSshHasshServerRegister(), DetectSshHasshServerStringRegister(), DetectSshHasshStringRegister(), DetectSshProtocolRegister(), DetectSshSoftwareRegister(), DetectSshSoftwareVersionRegister(), DetectSshVersionRegister(), DetectSslStateRegister(), DetectSslVersionRegister(), DetectStreamSizeRegister(), DetectTagRegister(), DetectTargetRegister(), DetectTcphdrRegister(), DetectTcpmssRegister(), DetectTemplate2Register(), DetectTemplateRegister(), DetectThresholdRegister(), DetectTlsAlpnRegister(), DetectTlsCertChainLenRegister(), DetectTlsCertsRegister(), DetectTlsFingerprintRegister(), DetectTlsIssuerRegister(), DetectTlsJa3HashRegister(), DetectTlsJa3SHashRegister(), DetectTlsJa3SStringRegister(), DetectTlsJa3StringRegister(), DetectTlsRandomRegister(), DetectTlsRegister(), DetectTlsSerialRegister(), DetectTlsSniRegister(), DetectTlsSubjectAltNameRegister(), DetectTlsSubjectRegister(), DetectTlsValidityRegister(), DetectTlsVersionRegister(), DetectTosRegister(), DetectTransformFromBase64DecodeRegister(), DetectTransformPcrexformRegister(), DetectTtlRegister(), DetectUdphdrRegister(), DetectUricontentRegister(), DetectUrilenRegister(), DetectWindowRegister(), DetectWithinRegister(), and DetectXbitsRegister().

Referenced by ListKeywords(), LLVMFuzzerTestOneInput(), and RunUnittests().

Here is the caller graph for this function:

Variable Documentation

◆ DETECT_TBLSIZE

int DETECT_TBLSIZE = 0

Definition at line 289 of file detect-engine-register.c.

Referenced by PrefilterSetupRuleGroup(), SCDetectHelperNewKeywordId(), SCProfilingKeywordThreadSetup(), SCProfilingKeywordUpdateCounter(), SigMatchStrictEnabled(), SigTableApplyStrictCommandLineOption(), SigTableCleanup(), SigTableHasKeyword(), SigTableInit(), SigTableList(), and SigTableRegisterTests().

◆ DETECT_TBLSIZE_IDX

int DETECT_TBLSIZE_IDX = DETECT_TBLSIZE_STATIC

Definition at line 290 of file detect-engine-register.c.

Referenced by SCDetectHelperNewKeywordId().